cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2015-9272,https://securityvulnerability.io/vulnerability/CVE-2015-9272,,"The videowhisper-video-presentation plugin 3.31.17 for WordPress allows remote attackers to execute arbitrary code because vp/vw_upload.php considers a file safe when ""html"" are the last four characters, as demonstrated by a .phtml file containing PHP code.",Wordpress,Video Presentation,9.8,CRITICAL,0.03551999852061272,false,,false,false,false,,false,false,2018-10-05T06:29:00.000Z,0
CVE-2014-4570,https://securityvulnerability.io/vulnerability/CVE-2014-4570,,Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Video Presentation plugin before 3.31 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) room_name parameter to c_login.php or (2) room parameter to index.php in vp/.,Wordpress,Video Presentation,,,0.0022499999031424522,false,,false,false,false,,false,false,2014-07-02T18:00:00.000Z,0